Health Insurance Portability and Accountability Act (HIPAA)

To protect patient health information, the Health Insurance Portability and Accountability Act (HIPAA) of 1996, Public Law 104-191, required the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers, as well as the adoption of federal privacy protections for individually identifiable health information. In response to the HIPAA mandate, the HHS developed the Privacy Rule, which established national standards to protect and guard against the misuse of individually identifiable health information for certain health care entities (i.e., health plans, health care clearinghouses, and health care providers who conduct certain health care transactions electronically). Since students are routinely exposed to patients’ protected health information and must comply with health care facilities’ policies and procedures, all students in the SPAHP are required to attend HIPAA and Privacy Rule training sessions prior to engaging in experiential education activities. Each non-traditional, transitional, and post-professional Program Director will inform post-professional students in advance of when required HIPAA and Privacy Rule training documentation must be submitted and will monitor student compliance.